Zoom 5.0 Includes Security and Privacy Improvements
Zoom has released a new version of its teleconferencing software. New features in Zoom 5.0 include controlled data routing, and passwords on by default for all meetings; administrators can now establish password complexity requirements. Zoom is also implementing stronger encryption, which is expected to be enabled system-wide by the end of May. The newest version of Zoom will be rolled out to users over the next week.
Zoom continues to live up to its promise to enhance security, but there is a predictable trajectory when IT platforms retroactively add security features. Security management capabilities tend to lag, providing limited visibility into and tracking of critical security policies/events. The Business version of Zoom has an admin dashboard that is mostly performance oriented and relies on exporting .CSV files for any deeper analysis - never a scalable approach. Third-party partner vendors can fill the gap, but the Zoom App Marketplace has a very limited choice of small vendors. Zoom may add more security management capabilities, but training will be required for admins and security analysts on how to properly configure and monitor security relevant features, how to integrate to SIEM, etc. Many will require direct vendor support until these capabilities mature. At the Enterprise pricing level of Zoom ($1999/month minimum) you get a dedicated "Customer Success Manager" which many may need to buy.
The update is not available yet; yes, I tried to update before reading that, too. The plan is to push out client updates next week. They are updating to AES 265 GCM encryption, and allowing your account admin to control meeting routing. They are also grouping the security settings together under a new security icon. The Zoom blog explains the new features: https://blog.zoom.us/wordpress/2020/04/22/zoom-hits-milestone-on-90-day-security-plan-releases-zoom-5-0/: Zoom Hits Milestone on 90-Day Security Plan, Releases Zoom 5.0